Analysis of distributed multi-periodic systems to achieve consistent data matching

International audienceDistributed real-time architecture of an embedded system is often described as a set of communicating components. Such a system is data flow (for its description) and time-triggered (for its execution). This work fits in with these problematics and focuses on the control of the time compatibility of a set of interdependent data used by the system components. The architecture of a component-based system forms a graph of communicating components, where more than one path can link two components. These paths may have different timing characteristics but the flows of information which transit on these paths may need to be adequately matched, so that a component uses inputs which all (directly or indirectly) depend on the same production step. In this paper, we define this temporal datamatching property, we show how to analyze the architecture to detect situations that cause data matching inconsistencies, and we describe an approach to manage data matching that uses queues to delay too fast paths and timestamps to recognize consistent data

End-to-end latency and temporal consistency analysis in networked real-time systems

International audienceCritical embedded systems are often designed as a set of real-time tasks, running on shared computing modules, and communicating through networks. Because of their critical nature, such systems have to meet strict timing properties. To help the designers to prove the correctness of their system, the real-time systems community has developed numerous approaches for analysing the worst case scenarios either on the processors (e.g., worst case response time of a task) or on the networks (e.g., worst case traversal time of a message). These approaches provide results only for local components behaviours. However, there is a growing need for having a global view of the system, in order to determine end-to-end properties. Such a property applies to functional chains which describe the behaviour of sequences of tasks. We propose an approach to analyse worst case behaviour along functional chains in critical embedded systems. It is based on mixed integer linear programming (MILP) and is general in the sense that it can be applied to a variety of end-to-end properties. This paper focuses on two essential properties: end-to-end latency and temporal consistency. This work was supported by the French National Research Agency within the SATRIMMAP project

Association cohérente de données dans les systèmes temps réel à base de composants - Application aux logiciels spatiaux

Les architectures distribuées des systèmes embarqués sont souvent décrites sous la forme de composants concurrents communiquant entre eux. De tels systèmes sont à la fois orientés flot de données pour leur description, et dirigés par le temps pour leur exécution. Cette thèse s’inscrit dans cette problématique et se concentre sur le contrôle de la compatibilité temporelle d’un ensemble de données interdépendantes utilisées par les composants du système. L’architecture d’un système modélisé par composants forme un graphe où plusieurs chemins peuvent relier deux composants, avec des caractéristiques temporelles hétérogènes, ce qui induit des temps de parcours disparates. Il est alors important que ces flots d’information soient assemblés de façon cohérente sur le composant destinataire, c’est-à-dire de telle manière que le composant utilise en entrée des données dépendant (directement ou indirectement) du même pas d’exécution du composant à l’origine de ces flots multiples. Dans un premier temps, ce principe d’association cohérente de données est identifié et formalisé. Une méthodologie est proposée afin de détecter, dans un graphe de composants, les configurations pouvant poser des problèmes d’association de données. Dans un deuxième temps, différentes approches sont détaillées afin de gérer l’association cohérente des données dans des systèmes périodiques sans supposer de propriétés strictes sur l’ordonnancement des composants. Dans les systèmes où les composants partagent la même période et où les communications intra-périodiques sont interdites, l’association des données est gérée par un mécanisme de files permettant de rééquilibrer les temps de parcours des données sur les différents chemins. Dans le cas où les composants sont de périodes diverses, un mécanisme d’estampillage des données est utilisé afin de mémoriser les dépendances entre données. Associé à l’utilisation de files, cet estampillage permet aux composants de sélectionner, à chacune de leurs phases d’activation, des ensembles de données cohérents choisis parmi les données à leur disposition. La notion d’association cohérente est ensuite relâchée, permettant une utilisation de données approximativement cohérentes. Des files filtrantes, n’enregistrant qu’une donnée sur un certain nombre de données reçues, permettent de réduire la taille des files nécessaires. Par ailleurs, du fait de la liberté du modèle d’exécution choisi, il existe des situations où il est impossible de garantir la vivacité de l’association cohérente des données. D’autre part, une architecture particulière peut générer des contraintes de cohérence conflictuelles et aboutir à une impossibilité de gestion de la cohérence. Pour terminer, les résultats de ces travaux sont appliqués sur le logiciel applicatif d’un satellite d’observation terrestre détectant des points chauds. ABSTRACT : Distributed real time architecture of an embedded system is often described as a set of communicating components. Such a system is both data flow (for its description) and time-triggered (for its execution). This thesis fits in with these problematics and focuses on the control of the time compatibility of a set of interdependent data used by the components of the system. The architecture of a component-based system forms a graph of communicating components, where more than one path can link two components. These paths may have different timing characteristics, so information which transits on these paths takes various time to reach the final component. However, the flows of information need to be adequately matched, so that the final component uses inputs which all (directly or indirectly) depend on the same production step of the initial component. We call this property consistent data matching. The data matching property is defined and formalized. A methodology is proposed to detect, in a component graph, the architecture configurations that have to be analyzed. Several approaches are developed to manage data matching in periodic systems, without considering strict properties on the system scheduling. First, we consider systems composed by components sharing the same period and where intra-periodic communications are forbidden. Data matching is managed using queues that allows to balance the data transit times through the several paths. Then, we study systems where components have independent periods. Queues are also used and data timestamping is added to record data dependencies. Thus, a component is able, for each of its activation steps, to select consistent data sets according to data dependencies among the available input data. Data matching consistency is relaxed to allow the use of approximately consistent data sets. We use filtering queues which record only one data among a given number they receive. Their use allows to reduce the necessary queue size. Due to the loose execution model constraints, some situations exist where data matching liveliness is not guaranteed. Moreover, particular system architectures generate conflictual constraints and lead to an impossible data matching management. The thesis results are applied on the software of an earth observation satellite constellation, Fuego, which detects fires or eruptions

Mutual Consistency in Real-Time Databases

A real-time database is composed of real-time objects whose values remain valid only within their validity intervals. Each object in the database models a real world entity. The freshness of these objects is maintained by update transactions that sample the real world entities. The literature proposes various ways to derive a schedule of transactions that preserves the freshness (also known as absolute consistency) of these objects. But these approaches do not take care of the mutual consistency of the objects, i.e., whether together they represent a logical state of the System. We investigate the problem of checking whether given an update transaction schedule, a periodic query would be able to read mutually consistent values. We propose solutions for both single- and multiple-query cases in the presence of non-preemptable query executions. Specifically, we first investigate formulas that give the maximal value of mutual gaps among a set of data read at a certain point in time. (A mutual gap for two object values read from the database refers to the difference between the times at which the two objects were updated.) We then propose design approaches to (1) decide the period and relative deadline of a query so that it would guarantee mutual consistency; (2) decide if a given set of queries with relative deadlines and periods can guarantee mutual consistency. Finally, we suggest ways of reducing the complexity of our proposed approaches for both harmonic periods and general cases